25% off all training courses Offer ends May 8, 2026
View HIPAA Courses
Learner Login Learner Support
Learner Login Learner Support
25% off all training courses
View HIPAA Courses
Offer ends May 8, 2026

The HIPAA Journal is the leading provider of HIPAA training, news, regulatory updates, and independent compliance advice.

Lack of Antivirus Software Behind PhilHealth Ransomware Attack

Posted By on Oct 11, 2023

Last month, the Philippine Health Insurance Corporation (PhilHealth), the national health insurer in the Philippines, experienced a ransomware attack that forced it to shut down many of its computer systems. The Medusa ransomware group conducted the attack and proceeded to leak the sensitive data of plan members when the $300,000 ransom wasn’t paid.

As if the ransomware attack and data leak were not bad enough, further information has emerged on how the attack failed to be prevented. PhilHealth had antivirus software in place, but the license had been allowed to expire, rendering the protection almost useless. The license to use the software expired on April 15, 2023, and the ransomware attack occurred on September 22, 2023.

PhilHealth has confirmed that its antivirus software was out of date and blamed complicated government procurement processes on why the license hadn’t been renewed and an alternative solution had not been implemented. PhilHealth has confirmed that antivirus software has now been implemented, although the software is currently on a free trial, which will expire in 30 days.

PhilHealth said the affected IT systems and workstations have now been restored; however, the sensitive data of members of its insurance plans has already been leaked on the dark web. While the number of individuals affected has yet to be confirmed, Information and Communications Technology Secretary Ivan, John Uy, said millions of individuals have had their data stolen. PhilHealth has issued warnings to those individuals to exercise caution as they may be subject to phishing attacks, and theyhave been told to ignore unexpected calls, emails, and text messages requesting sensitive information such as passwords.

Get The FREE
HIPAA Compliance Checklist

Immediate Delivery of Checklist Link To Your Email Address

Please Enter Correct Email Address

Your Privacy Respected

HIPAA Journal Privacy Policy

Healthcare organizations must ensure they maintain an inventory of all software, operating systems, and firmware and ensure they have planned upgrades before licenses expire or support comes to an end. If upgrades or replacement software are necessary, adequate time must be factored in to ensure that procurement and implementation can be completed in time.

Author: Steve Alder is the editor-in-chief of The HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve Alder is considered an authority in the healthcare industry on HIPAA. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. Steve holds a Bachelor’s of Science degree from the University of Liverpool. You can connect with Steve via LinkedIn or email via stevealder(at)hipaajournal.com

x

Is Your Organization HIPAA Compliant?

Find Out With Our Free HIPAA Compliance Checklist

Get Free Checklist